AMENDMENTS TO THE CLAIMS 



1. (Currently Amended) A method comprising: 
programming a chip secret key into a manufactured chip; 

sending the manufactured chip to a system original equipment manufacturer (OEM); and 
generating at least one private key for the manufactured chip in response to a received key 
update request, issued by the manufactured chip, if the received key update request is 
authenticated, to enable authentication of the manufactured chip without disclosure of the private 
key or any unique device identification information of the manufactured chip a 

wherein the key update request is issued by the manufactured chip in response to chip 
initialization . 

2. (Original) The method of claim 1, wherein prior to programming the chip, the method 
comprises: 

gathering unique identification (ID) information of the manufactured chip; 
encrypting the identification information using a first key to form a chip ID for the 
manufactured chip; and 

encrypting the chip ID using a second key to form the chip secret key. 

3. (Original) The method of claim 2, wherein the unique identification information includes 
a wafer serial number of a wafer from which the chip is formed and an X,Y coordinate location 
of the manufactured chip within the wafer. 

4. (Withdrawn) The method of claim 1, wherein a key size of the chip secret key is less 
than a key size of an asymmetric crypto-system private key. 

5. (Original) The method of claim 1, wherein programming the chip secret key comprises: 
storing the chip secret key within chip fuses of the manufactured chip; and 

blowing selected fuses of the manufactured chip to prevent unauthorized access to the 
chip secret key. 
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6. (Currently Amended) The method of claim 1 , wherein generating the private key further 
comprises: 

receiving the key update request from the system OEM; 
authenticating the received key update request; 

generating cipher text including the at least one private key for the manufactured chip if 
the key update request is authentic; and 

sending the cipher text to the system OEM. 

7. (Original) The method of claim 6, wherein authenticating the received key update request 
comprises: 

verifying a digital signature of the system OEM included within the key update request; 
decrypting the key update request to form a decrypted chip ID if the digital signature of 
the OEM is verified; 

verifying that the chip ID of the manufactured chip matches the decrypted chip ID; and 
disregarding the received key update request if the decrypted chip ID is not verified. 

8. (Original) The method of claim 6, wherein generating the cipher text comprises: 
generating a key vector including the at least one private key. 

9. (Withdrawn) The method of claim 8, wherein generating the key vector comprises: 
encrypting a unique secret value using the chip secret key to form the key vector; 
removing all revoked keys from the key vector to form a private key vector; and 
encrypting the private key vector, the chip ID and a digital certificate of the private key 

vector using the chip secret key and an initialization vector to form the cipher text. 

10. (Withdrawn) The method of claim 1, wherein generating the at least one private key 
comprises: 

generating cipher text including the at least one private key using an initialization vector 
(IV); and 

sending the cipher text to the system OEM including the IV used to form the cipher text. 
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1 1 . (Currently Amended) An article of manufacture including a computer readable storage 
medium having stored thereon instructions which may be used to program a system to perform a 
method, comprising: 

programming a chip secret key into a manufactured chip; 

sending the manufactured chip to a system original equipment manufacturer (OEM); and 
generating at least one private key for the manufactured chip in response to a received key 
update request, issued by the manufactured chip, if the received key update request is 
authenticated, to enable authentication of the manufactured chip without disclosure of the private 
key or any unique device identification information of the manufactured chip., 

wherein the key update request is issued by the manufactured chip in response to chip 
initialization . 

12. (Original) The article of manufacture of claim 11, wherein prior to programming the 
chip, the method comprises: 

gathering unique identification (ID) information of the manufactured chip; 
encrypting the identification information using a first key to form a chip ID for the 
manufactured chip; and 

encrypting the chip ID using a second key to form the chip secret key. 

13. (Original) The article of manufacture of claim 11, wherein generating the private further 
comprises: 

receiving the key update request from the system OEM; 
authenticating the received key update request; 

generating cipher text including the at least one private key for the manufactured chip if 
the key update request is authentic; and 

sending the cipher text to the system OEM. 

14. (Original) The article of manufacture of claim 1 1, wherein authenticating the received 
key update request comprises: 
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verifying a digital signature of the system OEM included within the key update request; 
decrypting the key update request to form a decrypted chip ID if the digital signature of 
the OEM is verified; 

verifying that the chip ID of the manufactured chip matches the decrypted chip ID; and 
disregarding the received key update request if the decrypted chip ID is not verified. 

15. (Withdrawn) The article of manufacture of claim 1 1 , wherein generating the at least one 
private key comprises: 

encrypting a unique secret value using the chip secret key to form the key vector; 
removing all revoked keys from the key vector to form a private key vector; and 
encrypting the private key vector, the chip ID and a digital certificate of the private key 
vector using the chip secret key and an initialization vector to form the cipher text. 

16. (Withdrawn) An article of manufacture including a machine readable medium having 
stored thereon instructions which may be used to program a system to perform a method, 
comprising: 

initializing an integrated chip to generate a key update request using a preprogrammed 
chip secret key stored within the integrated chip; 

transmitting the key update request to a key distribution facility (KDF); and 
storing received cipher text including at least one private key from the KDF 

17. (Withdrawn) The article of manufacture of claim 16, wherein initializing the integrated 
chip comprises: 

providing random cipher text to the integrated chip; 

requesting the integrated chip to generate the key update request; and 

attaching a digital signature of the random cipher text to the key update request. 

18. (Withdrawn) The article of manufacture of claim 17, wherein requesting the integrated 
chip further comprises: 
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decrypting, by the integrated chip, the random cipher text using the chip secret key to 
form a random ID, a random key and a random digital certificate; and 

encrypting, by the integrated chip, the random ID, the chip secret key and a pad value 
using a public key of the KDF to form the key update request. 

19. (Withdrawn) The article of manufacture of claim 16, further comprising: 
providing, during initial boot, the received cipher text to the integrated chip; and 
decrypting, by the integrated chip, the received cipher text using the chip secret key to 

form a chip ID and the at least one private key; and 

authenticating, by the integrated chip, with a content protection application to receive 
protected content. 

20. (Withdrawn) The article of manufacture of claim 16, wherein the method further 
comprises: 

providing the received cipher text to the integrated chip, the cipher text including the at 
least one private key, a key certificate and a chip ID assigned to the integrated chip in encrypted 
format using the chip secret key; 

requesting the integrated chip to generate a key update request; 

encrypting, by the integrated chip, the chip ID, the chip secret key and a random pad 
value using a public key of the KDF to form a second key update request; and 

transmitting the second key update request to the KDF. 

21. (Withdrawn) A method comprising: 

initializing an integrated chip within a system to generate a key update request using a 
preprogrammed chip secret key stored within the integrated chip; 

transmitting the key update request to a key distribution facility (KDF); and 
storing received cipher text including at least one private key from the KDF. 

22. (Withdrawn) The method of claim 21, wherein initializing the integrated chip comprises: 
providing random cipher text to the integrated chip; 
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requesting the integrated chip to generate the key update request; and 
attaching a digital signature of the random cipher text to the key update request. 

23. (Withdrawn) The method of claim 22, wherein requesting the integrated chip further 
comprises: 

decrypting, by the integrated chip, the random cipher text using the chip secret key to 
form a random ID, a random key and a random digital certificate; and 

encrypting, by the integrated chip, the random ID, the chip secret key and a pad value 
using a public key of the KDF to form the key update request. 

24. (Withdrawn) The method of claim 21, wherein storing the received cipher text 
comprises: 

receiving an initialization vector (IV) with the received cipher text from the KDF; and 
saving the received cipher text and the IV within off-chip persistent storage. 

25. (Withdrawn) The method of claim 21, further comprising: 

providing, during initial boot, the received cipher text to the integrated chip; and 
decrypting, by the integrated chip, the received cipher text using the chip secret key to 

form a chip ID and the at least one private key; and 

authenticating, by the integrated chip, with a content protection application to receive 

protected content. 

26. (Withdrawn) The method of claim 25, wherein authenticating further comprises: 
using, by the integrated chip, a private key digital certificate to authenticate with the 

content protection application. 

27. (Withdrawn) The method of claim 25, wherein providing further comprises: 
disabling access to the received cipher text following the initial boot. 

28. (Withdrawn) The method of claim 21, wherein the KDF is a manufacturer of the chip. 
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29. (Withdrawn) The method of claim 21, further comprising: 

providing the received cipher text to the integrated chip, the received cipher text 
including the at least one private key, a private key digital certificate and a chip ID assigned to 
the integrated chip in encrypted format using the chip secret key; 

requesting the chip to generate a key update request; 

encrypting, by the integrated chip, the chip ID, the chip secret key and a pad value using a 
public key of the KDF to form a second key update request; and 
transmitting the second key update request to the KDF. 

30. (Withdrawn) The method of claim 29, wherein the received cipher text includes a key 
vector including a series of non-unique private keys. 

3 1 . (Currently Amended) An integrated chip, comprising: 

a first cryptographic block to decrypt received initialization cipher text using the chip 
secret key to form a chip ID, the at least one private key and a digital certificate; 

key request logic to generate a key update request using a preprogrammed chip secret key 
stored within the integrated chip to receive at least one private key from a key distribution facility 
(KDF) if the key update request is authenticated by the KDF; and 

authentication logic to perform authentication with a content protection application to 
receive protected content using a received digital certificate to avoid disclosing the identity of the 
integrated chip during the authentication. 

32. (Original) The chip of claim 3 1 , further comprising: 

a first cryptographic block to decrypt received random cipher text using the chip secret 
key to form a random ID, a random private key and a random digital certificate; and 

a second cryptographic block to encrypt the random ID, the chip secret key and a pad 
value using a public key of the KDF to form the key update request. 

33-34. (Canceled) 
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35. (Currently Amended) The integrated chip o f claim 33 claim 31 , wherein: 

the initialization cipher text includes a key vector including a series of non-unique private 

keys. 

36. (Withdrawn) A system comprising: 
a flash memory; 

an integrated chip including key logic to generate a key update request using a 
preprogrammed secret key stored within the integrated chip to receive at least one private key 
from a key distribution facility (KDF); 

a processor coupled to the integrated chip; and 

a storage device coupled to the processor, having sequences of instructions stored therein, 
which when executed by the processor, the processor is caused to initialize the integrated chip to 
generate the key update request, to transmit the key update request to the KDF and to store 
received cipher text including the at least one private key received from the KDF within the flash 
memory. 

37. (Withdrawn) The system of claim 36, wherein the processor is further caused to provide 
during initial system boot the received cipher text to the integrated chip and to disable access to 
the received cipher text following the initial system boot. 

38. (Withdrawn) The system of claim 36, wherein the processor is further caused to receive 
an initialization vector (IV) used to form the received cipher text with the received cipher text 
from the KDF and to save the received cipher text and the IV within a flash memory. 

39. (Withdrawn) The system of claim 36, wherein the KDF is a manufacturer of the 
integrated chip. 

40. (Withdrawn) The system of claim 36, wherein the received cipher text includes a key 
vector including a series of non-unique private keys. 
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41. (Cancelled) 
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